Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

SSLv3.0/TLSv1.0 Protocol Weak CBC Mode Vulnerability on WLC

Hi

I’m looking for any workarounds or fixes in regards to the "SSLv3.0/TLSv1.0 Protocol Weak CBC Mode Vulnerability" on WLC 5500's. I have checked the Cisco Bug tracker and viewed CSCts83689, but according to the latest security scans, we are still open to this vulnerability despite running one of the “fixed in” releases of software. The latest 7.4 release does not list the vulnerability or caveat at all, and the language in the following link implies that the fix is ultimately on the client side as the vulnerabilty relies on a successful Man-in-the-Middle attack. Are there any parameters that can be changed on the WLC's running 7.3 or later in order to mitigate this vulnerability?

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCts83689

1 REPLY
Bronze

SSLv3.0/TLSv1.0 Protocol Weak CBC Mode Vulnerability on WLC

1518
Views
0
Helpful
1
Replies
CreatePlease to create content